Showing 1 - 17 of 17

Files Date: 2017-10-24 to 2017-10-25

Ubuntu Security Notice USN-3454-2
Posted Oct 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3454-2 - USN-3454-1 fixed a vulnerability in libffi. This update provides the corresponding update for Ubuntu 12.04 ESM.  It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, to facilitate executing arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
SHA-256 | 62b33122a47c2d2785fafce032f896394e71015210dec7a602eea5b7d6c67445
Ubuntu Security Notice USN-3462-1
Posted Oct 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3462-1 - Jan Pokorný and Alain Moulle discovered that Pacemaker incorrectly handled the IPC interface. A local attacker could possibly use this issue to execute arbitrary code with root privileges. Alain Moulle discovered that Pacemaker incorrectly handled authentication. A remote attacker could possibly use this issue to shut down connections, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2016-7035, CVE-2016-7797
SHA-256 | 4384b399869b60d559505c227d7dc753f73aa1b36d2bf6994fcaa90ab5ac8b80
Red Hat Security Advisory 2017-3047-01
Posted Oct 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3047-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 171. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
SHA-256 | bbe7908cff164751122dfd84e70eaebcd87444c60de530d15e00c3e33022eecd
Red Hat Security Advisory 2017-3046-01
Posted Oct 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3046-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 161. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-10165, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
SHA-256 | bd482745f8dc0e105bc099c629ff47658c99a2f53808a47cb77e614bf18e5a9b
Red Hat Security Advisory 2017-3018-01
Posted Oct 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3018-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. The following packages have been upgraded to a later upstream version: httpd24-httpd. Security Fix: A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause an httpd child process to crash.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2017-9798
SHA-256 | d125b2cd5c8a0482de5892becffd1b21cbff9d42397e85f157d298a35d83f3f1
HPE Security Bulletin HPESBHF03779 1
Posted Oct 24, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBHF03779 1 - A remotely exploitable denial of service vulnerability has been identified in HPE Fabric OS (FOS) running OpenSSH. This impacts versions prior to FOS v7.4.2. Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2016-6515
SHA-256 | e2d2b9631edb30a7ff9049c57731463bbe76cb777245783bd044fe3d853f4acf
FS Indiamart Clone SQL Injection
Posted Oct 24, 2017
Authored by 8bitsec

FS Indiamart Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 307fedbe2f62346b9be88ccc38798c64109f893de9f5f8d65c2aa7d4c29b1789
FS Groupon Clone SQL Injection
Posted Oct 24, 2017
Authored by 8bitsec

FS Groupon Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | afc589af3bf71d80c6e11c6d1863f0c2aa9154bd67e8d3e430d4f7ae4f880aea
Cisco Umbrella Virtual Appliance 2.0.3 Undocumented Support Tunnel
Posted Oct 24, 2017
Authored by David Coomber

Cisco Umbrella Virtual Appliance versions 2.0.3 and below contain an undocumented, auto-initiated reverse SSH tunnel which allows the Cisco Umbrella support team to have persistent and unrestricted access to the virtual appliance.

tags | advisory
systems | cisco
advisories | CVE-2017-6679
SHA-256 | 5e84ae818066bb4ac19ab58bf8766980a52ebe49a4dd880c31b67e49f4cb6e1b
Apple Support iOS Application 1.1.1 Unencrypted Third Party Analytics
Posted Oct 24, 2017
Authored by David Coomber

Apple Support iOS application versions 1.1.1 and below send potentially sensitive information such as mobile carrier, install date and time, number of app launches, device model, iOS version and screen resolution, unencrypted to a third party site (Adobe Marketing Cloud).

tags | advisory
systems | apple, ios
advisories | CVE-2017-7147
SHA-256 | b2897fa68d98d0bcdeca83e54c19b2cbffb7823e51716ff60960f9cc3e3d0cdb
FS Lynda Clone SQL Injection
Posted Oct 24, 2017
Authored by 8bitsec

FS Lynda Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 552b0a0201ad717ca10e762bdba06d1f1dc05291ad9c59c6c9a1411ae1c02d2a
Tuleap 9.6 Second-Order PHP Object Injection
Posted Oct 24, 2017
Authored by EgiX | Site karmainsecurity.com

Tuleap versions 9.6 and below suffer from a second order PHP object injection vulnerability.

tags | advisory, php
advisories | CVE-2017-7411
SHA-256 | 614615fd533a9914f7dae0fc5c046315ec0b6c9faa00541179463892e627fd24
Mikogo 5.4.1.160608 Local Credentials Disclosure
Posted Oct 24, 2017
Authored by LiquidWorm | Site zeroscience.mk

Mikogo version 5.4.1.160608 is vulnerable to local credential disclosure. The supplied password is stored in memory as an MD5 hash. A potential attacker could reveal the supplied password hash and re-use it or store it via the configuration file in order to gain access to the account.

tags | exploit, local
SHA-256 | c2e3ddfdce5930e691b46f1bfda8faebea78d304b3f1c56f334c811b5b8cd2bb
Red Hat Security Advisory 2017-3005-01
Posted Oct 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3005-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. The following packages have been upgraded to a later upstream version: ansible-tower, cfme, cfme-appliance, cfme-gemset, rabbitmq-server, rh-ruby23-rubygem-nokogiri, supervisor.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2017-11610, CVE-2017-12148
SHA-256 | 5d6f2f797bc66745530e056e45966de331b7f4a4d539e9494b41c8fdfc0f84eb
Ubuntu Security Notice USN-3434-2
Posted Oct 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3434-2 - USN-3434-1 fixed a vulnerability in Libidn. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Libidn incorrectly handled decoding certain digits. A remote attacker could use this issue to cause Libidn to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
SHA-256 | e6c33dd10d015020c636bc7afe366c9d89616515cf6e13fda233ed454b556d18
FS Car Rental Script SQL Injection
Posted Oct 24, 2017
Authored by 8bitsec

FS Car Rental Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a2da5327f7ce32851be4740784dbc0cfc272d0362696ef9b7cdc92fdf858e41d
FS Expedia Clone SQL Injection
Posted Oct 24, 2017
Authored by 8bitsec

FS Expedia Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f0fa0a5193f44053ab9fbf99b3aebfb6dacec6feb147629fc907406de0d5fb75